Security

Designed in, not bolted on.

Your inventory, your clients, and your billing data are some of the most sensitive records your business owns. Here's how Cypress OS keeps them safe.

Per-organization data isolation

Every organization's data is isolated at the database layer using row-level security policies. A query for one organization can never return another organization's records — enforced by the database, not by application code.

Encryption in transit and at rest

All traffic between your browser and Stowley is encrypted with TLS. Data at rest — including the database, file uploads, and backups — is encrypted using industry-standard AES-256.

Authentication & role-based access

Authentication uses secure, short-lived session tokens with refresh rotation. Inside an organization, role-based permissions let you scope what each team member can see and do — drivers see only assigned jobs, managers see everything.

Audit trail

Every change to inventory, invoices, work orders, and client records is logged with the user, action, and timestamp so you can investigate discrepancies in minutes.

Backups & infrastructure

Stowley runs on managed cloud infrastructure with automatic daily database backups and continuous platform monitoring with automatic failover.

Responsible disclosure

If you've found a vulnerability, please email security@stowley.com. We acknowledge reports within one business day and work in good faith with researchers to fix issues quickly.

Have a security question or vendor review? Contact us and we'll get back to you.

See it in action — no signup required

Spin up a private sandbox workspace pre-loaded with sample inventory, clients, invoices, and work orders. Click around, break things, and see exactly how Stowley would fit your business — today.

Create your account

Your sandbox is temporary and resets automatically — explore freely.